package com.blog.base.service.impl;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

import com.blog.admin.bean.Role;
import com.blog.admin.bean.User;
import com.blog.admin.service.MenuService;
import com.blog.admin.service.RoleService;
import com.blog.admin.service.UserService;

/**
 * @todo shiro授权类
 * @author fg
 * @date 2016年3月15日
 */
public class ShiroDbRealm extends AuthorizingRealm
{

	@Resource
	UserService userService;
	
	@Resource
	RoleService roleService;
	
	@Resource
	MenuService menuService;
	
	/**
	 * @todo 需要获取授权信息时调用
	 * @author fg
	 * @date 2016年3月15日
	 */
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) 
	{
		Subject currentUserSub = SecurityUtils.getSubject(); 
		User user = (User)currentUserSub.getSession().getAttribute("currentUser");
		if(user==null)
		{
			throw new AuthorizationException(); 
		}
		else
		{
			SimpleAuthorizationInfo simpleAuthorInfo = new SimpleAuthorizationInfo();
			simpleAuthorInfo.addRoles(user.getShiroRoleList());
			return simpleAuthorInfo;
		}
		
	}

	/**
	 * @todo 登录时调用
	 * @author fg
	 * @date 2016年3月15日
	 */
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken authenticationToken) throws AuthenticationException 
	{
        //UsernamePasswordToken对象用来存放提交的登录信息  
        UsernamePasswordToken token=(UsernamePasswordToken) authenticationToken;
        //查出是否有此用户  
        User loginUser = new User();
        loginUser.setUserName(token.getUsername());
        User user = userService.queryUserByUserName(loginUser);

        if(user!=null){
    		user.setRoleList(roleService.queryRoleByUserId(user.getId()));
    		user.setMenuList(menuService.queryMenuByRoleList(user.getRoleList()));
    		List<String> roleList = new ArrayList<String>();  
    		for(Role role:user.getRoleList())
    		{
    			roleList.add(role.getRoleName());
    		}
    		user.setShiroRoleList(roleList);
            //若存在，将此用户存放到登录认证info中  
            AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(user.getUserName(), user.getPassword(), getName());
            Subject currentUser = SecurityUtils.getSubject(); 
            Session session = currentUser.getSession(); 
            session.setAttribute("currentUser", user);
            return authcInfo; 
        }
        return null;
	}

}
